By Geoff Evelyn
Cyber security is about data loss prevention, detection and response. Service delivery includes ensuring the protection, and managing the integrity, of content through its lifecycle. This is cross platform and cross industry. Whether you are using SharePoint on/off premise, or SharePoint is at the centre of an estate of multiple technologies, cyber security concerns all of these. These requirements directly relate to a technology current and future state – according to Gartner (and covered in my last keynote):
- By 2016 Biometric sensors will be featured in 40% of smartphones shipped to end users.
- By 2017 one-third of consumers in emerging markets will have never owned a windows device.
- By 2018 more than 50% of users will use a tablet or smartphone first for all online activities.
- By 2020 40% of enterprises will specify Wi-Fi as the default connection for non-mobile devices.
With the match of evolving technologies related to the above points, such as Internet of Things (IoT), Content Analytics, Hybrid Cloud Computing, Big Data, In Memory Database Management and more about to become widespread; how to provide integrity, protection, and governance to data becomes more important. We all work with data, utilising physical and digital technology in our daily lives. We use countless methods to create and use data, and assume that the accessed data has security maintained. In providing measures, providers of secure access to data provide measures to ensure legitimate access. Consequences resulting from unauthorised access to data could include:
- Time, effort and monetary resources to correct.
- Damage, deletion and compromise.
- Damage to reputation.
The global perspective
From a global perspective, there are security challenges in the ‘digital developed’ versus ‘digital developing’ world. For the developed world, users’ access information through a digital framework; internet services provisioned over high level Wifi and 3G/4G networks. But, in the developing world, there are some 950 million people still without the means to connect to these networks. Security provision is not a one-fits-all. Additional global challenges are ‘Freedom of Speech’, ‘Country A trusts Country B trusts Country C’ and the ‘Political Will’.
The company perspective
From a company perspective, the primary objective is to ensure the management of security; enforcing breach policies and governance is vitally important to ensure their data integrity. The challenge is that the company workplace is changing, and so is the physical infrastructure. Whilst physical and digital technology has become increasingly sophisticated, like dongles, passwords, data encryption, the task is convincing staff - from senior manages to entry level employees that they need to become more security accountable, becomes harder due to their emotions about security and privacy.
The personal perspective
From a personal perspective, security intertwines with privacy. Advances in technology threaten privacy, reducing the amount of control over data. Privacy affects technology use. The challenge is the space in which this takes place in the digital world, which is completely online through the use of the internet, which never corrects and never forgets.
In summary, humans adopt any cyber security imperative. Technology is neutral. More work needs to be done in the governance, training, and management of data to protect integrity and at the same time provide detection and contingency against loss. Opportunities include:
- Proactive security reporting
- Automated content filtering
- Protection of content via search engines
- Child Protection, for example, extremist content removal
- Security Automation - for example, E-mail scanning